fkie-cad / RoAMer

Robust Automated Malware Unpacker
GNU Affero General Public License v3.0

Fix missing nullbytes in dumps #13

Closed blattm closed 2 years ago

blattm commented 2 years ago

This fix to the DumpPersister will pad segments with nullbytes if dumped_size < size.

Without this fix, especially dumps of .NET payloads will miss several chunks of 0x1000 nullbytes, corrupting the dump.

blattm commented 2 years ago

In some cases, the file size of dumps might increase drastically. This is probably caused by segments being connected, which should be separate.

blattm commented 2 years ago

The issue of large dumps should now be resolved. Dump tasks are now split at large reserved segments. The threshold has to be set in config.py. To correctly dump .NET executables, it should be set to at least 0x1000. By setting it to None, splitting is disabled.
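To make the two behaviours described in this thread concrete, here is an added example (not RoAMer's DumpPersister, and the names `Segment`, `pad_segment`, `build_dump_tasks` and `dump_tasks` are invented for it): every segment is padded with null bytes up to its declared size when the read came back short, and a reserved segment at or above a configurable threshold ends the current dump task, with `None` disabling the split. It also assumes that segments whose addresses are not contiguous belong to different tasks.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class Segment:
    base: int            # virtual address of the segment
    size: int            # size the process reports for the segment
    reserved: bool       # True for reserved regions that carry no readable data
    data: bytes = b""    # bytes actually read from the process (may fall short)

def pad_segment(seg: Segment) -> bytes:
    """Return exactly seg.size bytes, appending null bytes if dumped_size < size."""
    dumped_size = len(seg.data)
    if dumped_size > seg.size:
        raise ValueError("read more bytes than the segment size")
    return seg.data + b"\x00" * (seg.size - dumped_size)

def build_dump_tasks(segments: List[Segment],
                     split_threshold: Optional[int]) -> List[List[Segment]]:
    """Group address-contiguous segments into dump tasks.

    A reserved segment of at least split_threshold bytes is dropped and ends the
    current task, so a large reserved hole no longer bloats the dump. Smaller
    reserved holes stay inside the task and come out as null padding, which keeps
    file offsets of the surrounding mapped data intact. With split_threshold=None
    nothing is dropped and contiguous segments land in a single task.
    """
    tasks: List[List[Segment]] = []
    current: List[Segment] = []
    for seg in sorted(segments, key=lambda s: s.base):
        if split_threshold is not None and seg.reserved and seg.size >= split_threshold:
            if current:
                tasks.append(current)
                current = []
            continue
        # assumption: a gap in the address space also separates tasks
        if current and seg.base != current[-1].base + current[-1].size:
            tasks.append(current)
            current = []
        current.append(seg)
    if current:
        tasks.append(current)
    return tasks

def dump_tasks(segments: List[Segment],
               split_threshold: Optional[int]) -> List[Tuple[int, bytes]]:
    """Return (base address, padded bytes) for every dump task."""
    return [(task[0].base, b"".join(pad_segment(s) for s in task))
            for task in build_dump_tasks(segments, split_threshold)]
```

With a threshold of 0x1000, as the comment above recommends for .NET, every page-sized reserved region becomes a task boundary; raising the threshold keeps small reserved holes as null padding inside one contiguous dump.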

danielplohmann commented 2 years ago

everything confirmed, works awesomely, thanks a lot!